search

agens-no / EllipticCurveKeyPair

Sign, verify, encrypt and decrypt using the Secure Enclave
Other
708 stars 114 forks source link

iOS 13+ #63

Closed zmian closed 2 years ago

zmian commented 2 years ago

Hi @hfossli-agens,

Thank you for creating this library. I have been using this in some of my projects.

I was wondering if you had an interest in bumping the minimum project version to iOS 13+ as this will allow the project to use CryptoKit and potentially simplify some parts of the library. I am happy to open a pr.

Here is an example of some improvements:

SHA256.swift: This whole file can be replaced with:

import Foundation
import CryptoKit

extension Data {
    func sha256() -> Data {
        Data(SHA256.hash(data: self))
    }
}

Device Token Type

After

import CryptoKit

public enum Token {
    case secureEnclave
    case keychain

    public static var secureEnclaveIfAvailable: Token {
        SecureEnclave.isAvailable ? .secureEnclave : .keychain
    }
}

Before

public enum Token {
    case secureEnclave
    case keychain

    public static var secureEnclaveIfAvailable: Token {
        return Device.hasSecureEnclave ? .secureEnclave : .keychain
    }
}

public enum Device {
    public static var hasTouchID: Bool {
        if #available(macOS 10.12.2, *) {
            var error: NSError?
            let result = LAContext().canEvaluatePolicy(.deviceOwnerAuthenticationWithBiometrics, error: &error)
            EllipticCurveKeyPair.logger?(String(describing: error))
            return result
        } else {
            return false
        }
    }

    public static var isSimulator: Bool {
        return TARGET_OS_SIMULATOR != 0
    }

    public static var hasSecureEnclave: Bool {
        return hasTouchID && !isSimulator
    }   
}

Thanks!

hfossli-agens commented 2 years ago

Nice. I don't have time in the coming month. It would probably be an extension of the work on a 2.0 of this project https://github.com/agens-no/EllipticCurveKeyPair/blob/renewed-api/Sources/EllipticCurveKeyPair.swift

I have tried to keep this project small and very «copy pastable». As you say with cryptokit you only need one file from this project. I want people to just copy and take what they like instead of adding this project as a dependency. That's why the main files code hasn't been split in to many files.

zmian commented 2 years ago

@hfossli-agens thanks for the prompt reply. I understand and agree with rational to keep the project small -- my suggestion was towards that goal as well to get rid of even SHA256.swift file and even less code to maintain in the main file by moving the responsibility over to CryptoKit directly and this project becomes a simpler wrapper API.

Having said that, I see you are already have rewrite in progress. So I will close this. Thanks.

hfossli-agens commented 2 years ago

❤️😊